Setting up the SSH Client

Generate your workstation key pair

ssh-keygen -t ed25519
cat ~/.ssh/

and copy/paste it to the servers you need to maintain (~/.ssh/authorized_keys)

cat ~/.ssh/id_*.pub

Eventually store the fingerprint of your public key (MD5 used at GitHub),

ssh-keygen -lf ~/.ssh/ > ~/.ssh/
ssh-keygen -E md5 -lf ~/.ssh/ > ~/.ssh/

also provide the PPK format for e.g. Filezilla, but unless you are willing to compile the dev version, you will have to use RSA or DSA (-t rsa, dsa, rsa1),

sudo apt install putty-tools
puttygen ~/.ssh/id_ed25519 -o ~/.ssh/id_ed25519.ppk

fix the permissions,

chmod 700 ~/.ssh/
chmod 600 ~/.ssh/*
chmod 400 ~/.ssh/id_*

Make it easier to deal with known hosts (don’t hash them out), show the host public key in visual form so you get used to it, and speed up SSH logon by disabling GSSAPI

mv -i /etc/ssh/ssh_config /etc/ssh/ssh_config.dist
grep -vE '^#|^$' /etc/ssh/ssh_config.dist > /etc/ssh/ssh_config
vi /etc/ssh/ssh_config

Host *
    HashKnownHosts no
    GSSAPIAuthentication no
    VisualHostKey yes


Check SSH fingerprint –> see at the bottom